From 8d279c3aa9789070d7d70a052f8292fcb51293b3 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Mon, 13 Sep 2021 14:53:30 -0700 Subject: [PATCH] Added precompiling info to windows defender app control and .net doc. --- ...defender-application-control-with-dynamic-code-security.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md index f1f66a910c..4e5b70ba33 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md @@ -31,10 +31,12 @@ Dynamic Code Security is not enabled by default because existing policies may no Additionally, a few .NET loading features, including loading unsigned assemblies built with System.Reflection.Emit, are not currently supported with Dynamic Code Security enabled. Microsoft recommends testing Dynamic Code Security in audit mode before enforcing it to discover whether any new libraries should be included in the policy. +Additionally, customers can precompile for deployment only to prevent an allowed executable from being terminated because it tries to load unsigned dynamically generated code. See the "Precompiling for Deployment Only" section in the [ASP.NET Precompilation Overview](https://docs.microsoft.com/en-us/previous-versions/aspnet/bb398860(v=vs.100)) document for how to fix that. + To enable Dynamic Code Security, add the following option to the `` section of your policy: ```xml -``` +``` \ No newline at end of file